← Back to context

Comment by gruez

18 hours ago

>And you have to work around that, because IT dept of the corporation will never lift restrictions.

Because otherwise people do dumb stuff like pasting proprietary designs or PII into deepseek

7 comments

gruez

Reply
kbelder  17 hours ago

Oh, they'll do that anyway, once they find the workaround (Oh... you can paste a credit card if you put periods instead of dashes! Oh... I have to save the file and do it from my phone! Oh... I'll upload it as a .txt file and change the extension on the server!)

It's purely illusory security, that doesn't protect anything but does levy a constant performance tax on nearly every task.

  • gruez  17 hours ago

    >Oh, they'll do that anyway, once they find the workaround ...

    This is assuming the DLP service blocks the request, rather than doing something like logging it and reported to your manager and/or CIO.

    >It's purely illusory security, that doesn't protect anything but does levy a constant performance tax on nearly every task.

    Because you can't ask deepseek to extract some unstructured data for you? I'm not sure what the alternative is, just let everyone paste info into deepseek? If you found out that your data got leaked because some employee pasted some data into some random third party service, and that the company didn't have any policies/technological measures against it, would your response still be "yeah it's fine, it's purely illusory security"?

  • unethical_ban  17 hours ago

    What's the term for the ideology that "laws are silly because people sometimes break them"?

    • jeltz  17 hours ago

      Posting stuff into Deepseek is banned. The corporate firewall is like putting a camera in your home because you may break the law. But, yeah, arguing against cameras in homes because people find dead angles where they can hide may not be the strongest argument.

      1 reply →

    • collingreen  16 hours ago

      I don't think that's a good read if the post you're implying this at. I think a more charitable read would be something like "people break rules for convenience so if your security relies on nobody breaking rules then you don't have thorough security".

      You and op can be right at the same time. You imply the rules probably help a lot even while imperfect. They imply that pretending rules alone are enough to be perfect is incomplete.